<?php

abstract class AuthorizeWebController extends HttpController{
    
    protected $_USER_ID;
    protected $_ROLE_ID;
    
    protected $_USER_AUTHORIZE = array(
        //Non  user
        0 => array(
            "LoginController" =>true
            
        ),
        //Supplier
        1 => array(
            "HomepageController" => true,
            "SupplierController" => true,
            "PointSaleController" => true,
            "PointSaleFormController" => true,
            "PointSaleFormAjax" => true,
            "ProductGroupController" => true,
            "ProductGroupAjax" => true,
            "ProductGroupEditionController" => true
        )
    );
    
    public function isAuthorize(HttpRequest $request){
        $this->_ROLE_ID = $request->getSession("_USER_ROLE_ID",AUTO_ROLE_ID);
        $this->_USER_ID = $request->getSession("_USER_ID",AUTO_LOGIN_ID);
        $webPage = $request->getWebPage();
        if(isset($this->_USER_AUTHORIZE[$this->_ROLE_ID][$webPage])
                && $this->_USER_AUTHORIZE[$this->_ROLE_ID][$webPage]){
            return true;
        }
        echo "Permission Deny";
        return false;
    }
    
    
}